<?php
ob_start();
if(isset($_SERVER['HTTP_APPVERSION'])){
include "./saesiteinfo.php";
}else{
 if(!file_exists("./install/install.lock")){
header('location:./install');
exit;
 }else{
include "./siteinfo.php";
 }
}
//连接数据库
$localhost=mysql_connect($sqlhost,$sqluser,$sqlpass)or die("无法连接服务器");
mysql_select_db($sqldata,$localhost);
if (isset($_COOKIE["SHANIUUSER"]) && isset($_COOKIE["SHANIUPASS"])){
$user=$_COOKIE["SHANIUUSER"];
$pass=$_COOKIE["SHANIUPASS"];
$mysql = mysql_query("SELECT * FROM user WHERE user='$user'");
$sql= mysql_fetch_array($mysql);
?>
<html>
<head>
<meta content="width=device-width,user-scalable=no" name="viewport">
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>用户密码修改 - <?php echo $sitename; ?></title>
<link rel="stylesheet" type="text/css" href="css/register.css"/>
</head>
<body>
<div class='signup_container'>
    <h1 class='signup_title'>用户密码修改</h1>
                <div id="signup_forms" class="signup_forms clearfix">
<?php if(empty($_POST['submit'])){
?>
<center>
<form class="signup_form_form" method="post" action="">
<div class="form_row">
                        <label for="signup_password">旧密码</label>
                        <input type="text" name="jiupass" placeholder="旧密码" id="signup_user" data-required="required">
                    </div>
              <div class="form_row">
                        <label for="signup_password">新密码</label>
                <input type="password" name="xinpass" placeholder="新密码" id="signup_email" data-required="required">
                    </div>
                    
     
</div>

    <div class="login-btn-set"><div class='rem'>确认更改</div> <input type="submit" value=" " name="submit" class='login-btn2'></form></div>
</form>
</center>
<?php
}else{
$jiupass=md5($_POST["jiupass"]);
$xinpass=md5($_POST["xinpass"]);
if ($jiupass==$sql['pass']) {
mysql_query("UPDATE user SET pass= '$xinpass' WHERE user='$user'");
echo '<center>密码修改成功</center>';
}else{
echo '<center>旧密码错误</center>';
}
}
?></td>
  </tr>
  <tr>
    <td height="28"><div align="center"><a href="./user.php">返回挂Q页面</a></div></td>
  </tr>
</table>
</body>
</html>
<?php
}else{
//如果没登录就显示下面的
header("refresh:0;url=tishi.php");
}
?>